[2949] in Kerberos-V5-bugs
krb5-appl/616: telnet option-parsing bug
daemon@ATHENA.MIT.EDU (ghudson@MIT.EDU)
Fri Jul 31 01:20:13 1998
Resent-From: gnats@rt-11.MIT.EDU (GNATS Management)
Resent-To: krb5-unassigned@RT-11.MIT.EDU
Resent-Reply-To: krb5-bugs@MIT.EDU, ghudson@MIT.EDU
Date: Fri, 31 Jul 1998 01:08:31 -0400
From: ghudson@MIT.EDU
Reply-To: ghudson@MIT.EDU
To: krb5-bugs@MIT.EDU
>Number: 616
>Category: krb5-appl
>Synopsis: telnet -k option doesn't get copied as realm correctly
>Confidential: no
>Severity: serious
>Priority: low
>Responsible: krb5-unassigned
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Fri Jul 31 01:09:01 EDT 1998
>Last-Modified:
>Originator: Greg Hudson
>Organization:
MIT
>Release: 1.0pl1
>Environment:
System: IRIX maytag 6.3 12161207 IP32
>Description:
libtelnet/kerberos.c defines dst_realm_sz as an int. telnet/main.c
declares it as an extern char, which tends to have the value 0. So
the realm argument gets copied in incorrectly into the krb4 realm
buffer.
>How-To-Repeat:
>Fix:
Index: main.c
===================================================================
RCS file: /afs/dev.mit.edu/source/repository/third/krb5/src/appl/telnet/telnet/main.c,v
retrieving revision 1.4
diff -c -r1.4 main.c
*** main.c 1998/07/30 17:06:59 1.4
--- main.c 1998/07/31 05:00:51
***************
*** 232,238 ****
case 'k':
#if defined(AUTHENTICATION) && defined(KRB4)
{
! extern char *dest_realm, dst_realm_buf[], dst_realm_sz;
dest_realm = dst_realm_buf;
(void)strncpy(dest_realm, optarg, dst_realm_sz);
}
--- 232,239 ----
case 'k':
#if defined(AUTHENTICATION) && defined(KRB4)
{
! extern char *dest_realm, dst_realm_buf[];
! extern int dst_realm_sz;
dest_realm = dst_realm_buf;
(void)strncpy(dest_realm, optarg, dst_realm_sz);
}
>Audit-Trail:
>Unformatted:
